Demo Advanced Threat Protection

Slides:

Advertisements

Similar presentations

Microsoft® Lync™ 2010 IM and Presence Training

Advertisements

Setting up your Lyreco Account.

Refresher Instruction Guide Strategic Planning and Assessment Module

Web Filtering. ExchangeDefender Web Filtering provides policy-controlled protection from dangerous content on the web. Web Filtering is agent based, allowing.

Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of servers Across dozens of.

On-premises Exchange Online Protection Office 365 Directory Sync ADFS (optional) Single sign on Secure mail flow Existing environment.

 Malicious or unsolicited mail sent to a mailbox without the option to unsubscribe  Often used as a catch-all of any undesired or questionable mail.

1 of 6 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of.

HOW TO USE BY ALEX ROSS ALEX ROSS. HOW TO CREATE ACCOUNT FOR DUMMIES is a great way to communicate with others. We can interact with.

How to Get The Most Out of Outlook 2003 Michele Schwartzman Division of Customer Support Summer 2006.

OSP214. SECURITY PRIVACY RELIABILITY & SERVICE CONTINUITY COMPLIANCE.

What’s New in Exchange Online. Disclaimer This presentation contains preliminary information that may be changed substantially prior to final commercial.

1 FOR OFFICIAL USE ONLY How To Add a CATMS Team Mailbox to Your Outlook Profile.

Message Trace Office 365 May 2013.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.

E- MAIL APPLICATION CALENDAR MODUL. B ENEFITS OF CALENDAR Calendar sharing. Outlook Web App now enables your users to share their calendars with people.

Advanced User Guide to Outlook and all its features.

Unit 10 Communication Services.  Identify types of electronic communication  Describe users of electronic communication  Identify major components.

Windows Vista Security Center Chapter 5(WV): Protecting Your Computer 9/17/20151Instructor: Shilpa Phanse.

Client X CronLab Spam Filter Technical Training Presentation 19/09/2015.

COMPREHENSIVE Windows Tutorial 5 Protecting Your Computer.

®® Microsoft Windows 7 Windows Tutorial 5 Protecting Your Computer.

Unit 10 Communication Services

Microsoft ® Outlook ® 2010 Outlook How-Tos. Course Contents Learn how to perform several daily Outlook tasks using Calendars, Clipart, and features.

Dylan Bayliff. Contents: 1- Sending s & Using etiquette 2- Staying safe and Accessing 3- Open s 4- Replying to s 5- Setting up contacts.

Basic User Guide to Outlook. Info: Manage account settings, create automatic replies to s, clean up your mailbox, and create Rules and Alerts Print:

“SaaS secure web and gateways frequently provide efficiency and cost advantages, and a growing number of offerings are delivering an improved.

Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training WatchGuard XCS What’s New in version 10.1.

 Left Side  Mail/Contacts/Tasks  Labeled Folders  Contacts – “IM” Feature  Right Side  s.

Implementing Microsoft Exchange Online with Microsoft Office 365

OWA Basic Training. Topics Mail Logging into OWA Navigating mailbox: Reading messages New messages New mail folders Reply/Forward/Print/Delete Mark, Flag,

Information explosion 1.4X 44X Protect communications.

American Diploma Project Administrative Site Training.

On-premises Exchange Online Protection Office 365 Directory Sync Secure mail flow Existing environment.

Orders – Create Responses Boeing Supply Chain Platform (BSCP) Detailed Training July 2016.

Windows Tutorial 5 Protecting Your Computer

Anti-Spam Managing Spam with Kerio Connect

Welcome to iDSS Partner XtraNet Training

Exchange Online Advanced Threat Protection

Outlook: Tips and Tricks

Project Management: Messages

12 | Monitoring Office 365 Anthony Steven | Principal Technologist, Content Master Martin Coetzer | Portfolio Architect, Microsoft.

Microsoft Outlook By: Phuong Nguyen.

CS3015 Beacon Module 4 Messenger & Setting Preferences

Administrator Training

Digital signatures and document or encryption

9/14/2018 2:22 AM THR2026 Set up secure and efficient collaboration for your organization with Office 365 Joe Davies Senior Content Developer Brenda Carter.

9/14/2018 6:28 AM How to create Learning Plans in Partner University Mary Sutton October 2017 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT.

Demo Skype for Business: Meeting Broadcast INSTRUCTIONS:

Exchange Online Advanced Threat Protection

We innovate and simplify technology for a great customer experiences

How to customize your Microsoft SharePoint Online website

4 ways to stay safe online 1. Avoid viruses and phishing scams

August 17, 2015 J. Boles, J.Burnias and M.Garcia Office 2013

What is it? Why do I keep getting from Barracuda? SPAM.

Technology Support Center Office 365 Outlook

Real World Advanced Threat Protection

How to customize your Microsoft SharePoint Online website

Office 365 Reporting Dashboard - Overview

HOW TO ADD SIGNATURE TO MICROSOFT OFFICE OUTLOOK

EBSCOhost Advanced Search Guided Style

Spear Phishing Awareness

Policies Admin Training.

This presentation document has been prepared by Vault Intelligence Limited (“Vault") and is intended for off line demonstration, presentation and educational.

1.2.2 Security aspects • Show understanding of the security aspects of using the Internet and understand what methods are available to help minimise the.

Quick Guide for Online Ordering

Cybersecurity Simplified: Phishing

Presentation transcript:

Demo Advanced Threat Protection INSTRUCTIONS: Set Screen Resolution to 1920x1080 Start the Slide Show If you are projecting to a second monitor, use Presenter View on your PC to read the talk track and see where to click next (note that this is a PowerPoint, so the “clicks” are intended to make the presentation as close to a Live Code demo as possible)

Microsoft has made great investments for Office 365 in the area of compliance. Exchange Online Protection has been in place for a while in Office 365. In the Exchange admin center, administrators can create filtering policies for different types of content. CLICK STEP(S) Click Exchange in the left nav.

CLICK STEP(S) Click protection in the left nav.

With spam filtering, administrators can use risk levels to enhance their organizations’ bulk email protection capabilities. The higher the threshold is set, the more bulk email that can get through to users. CLICK STEP(S) Click the pen icon to edit the rule.

CLICK STEP(S) Click spam and bulk actions in the left nav.

CLICK STEP(S) Click the drop down under Bulk email in the left nav.

The higher the threshold is set, the more bulk email that can get through to users. CLICK STEP(S) Click Cancel.

IP addresses can also be blocked. CLICK STEP(S) Click connection filter.

Of course, administrators cannot possibly identify every potentially harmful IP address. CLICK STEP(S) Click the pen icon to edit the rule.

CLICK STEP(S) Click connection filtering.

Microsoft provides them with a safe list, a growing list of IP addresses that are known to be benign. CLICK STEP(S) Click Cancel.

Administrators can also implement policies that detect malware in individual email messages, whether intentional or not. CLICK STEP(S) Click malware filter.

CLICK STEP(S) Click the pen icon to edit the rule.

CLICK STEP(S) Click settings.

As a response to detection, the email messages can be deleted, or they can be delivered with attachments removed from them. CLICK STEP(S) Click the right scroll bar to scroll down to show the admin email field.

Notifications about malware detection can be sent to both internal and external senders as well as administrators. CLICK STEP(S) Click Cancel.

Advanced Threat Protection (ATP) expands on existing content filtering capabilities, hardening organizational email environments. CLICK STEP(S) Click advanced threats in the left nav.

Malware filtering policies in the protection area of the Exchange admin center work great for threats that are known by anti-virus programs and that have corresponding signature files. ATP goes even further by using Safe Attachments to detect threats that are unknown by anti-virus programs. CLICK STEP(S) Click the pen icon to edit the policy.

With Safe Attachments, email messages containing attachments are routed through a detonation chamber, where they are analyzed for potentially malicious behavior. CLICK STEP(S) Click settings in the left nav.

If, for example, an email attachment is trying to access a user’s registry, a Safe Attachment policy can block that attachment, replace it, or simply monitor the scan results. Additionally, administrators can redirect blocked, replaced, or monitored attachments to a specific email address. CLICK STEP(S) Click Cancel.

ATP also uses Safe Links to scan email messages and detect potentially malicious URLs, like those from phishing scams. CLICK STEP(S) Click safe links.

CLICK STEP(S) Click the pen icon to edit the policy.

Safe Link policies check URLs against a list of known malicious links. CLICK STEP(S) Click settings.

A link can then be rewritten so that, when clicked, users are redirected to a protective shell and notified that the original URL has been classified as malicious. Administrators can track user clicks to these links and allow users to click through to the original URLs. Administrators can also identify a list of URLs that should not be rewritten, should they happen to inadvertently end up on the list of known malicious links. CLICK STEP(S) Click Cancel.

The information worker experience for ATP is all about protection. CLICK STEP(S) Click the Edge browser to show Sara’s OWA experience.

Here, Alex has sent Sara a message with an attachment. CLICK STEP(S) Click the third message, from Alex Darrow.

The organization’s Safe Attachment policy detected that there were unverified signatures in the attachment and thus blocked it. CLICK STEP(S) Click the attachment (Keys.js).

CLICK STEP(S) Click OK.

In the message, Sara still has access to the original message body, but the malware threat was removed. Meanwhile, the attachment was redirected to the administrator for further analysis. CLICK STEP(S) Click the first message, from Alex Darrow as well.

In this message about cheap flights, she clicks a known phishing link. CLICK STEP(S) Click “site”, the hyperlink in the message.

The organization’s Safe Link policy found that link to be malicious and rewrote it. Sara is thus redirected to a protective shell, which alerts her about the classification of that URL. CLICK STEP(S) Click the “Mail – Sara Davis – Outlook” tab in Edge.

The policy is selective enough to remove only malicious links The policy is selective enough to remove only malicious links. Even within a single email with both safe and malicious links, only the malicious links will be removed. CLICK STEP(S) Click the “Bing” hyperlink.

Within that same message about cheap flights, Sara clicks the link in the signature line and navigates to Bing.com as expected. Back in the Exchange admin center…. CLICK STEP(S) Click the Edge browser in the bottom to switch to the admin center.

…. administrators can review a report that tracks individual user clicks of malicious URLs in email messages. CLICK STEP(S) Click mail flow in the left nav.

CLICK STEP(S) Click url trace.

The report contains URL traces from the previous seven days The report contains URL traces from the previous seven days. These traces and can be filtered by date and time, by recipients, or by a list of exact URLs. CLICK STEP(S) Click in the right scroll bar to scroll down.

Here, the administrator filters with Sara as the recipient to see her recent trace activities, which includes the URLs that were rewritten. CLICK STEP(S) Click add recipient.

CLICK STEP(S) Click Sara Davis.

CLICK STEP(S) Click add.

CLICK STEP(S) Click OK.

CLICK STEP(S) Click the right scroll bar to scroll down.

CLICK STEP(S) Click search.

<Results do not show up> As shown in this demo, Microsoft has made great investments in the Exchange admin center to expand threat protection in Office 365.